Download the PHP package calips-labs/craft-cloudflare-access without Composer

On this page you can find all versions of the php package calips-labs/craft-cloudflare-access. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package craft-cloudflare-access

Cloudflare Access

Cloudflare Access integration for Craft CMS.

This plugin makes it very easy to integrate Cloudflare Access with Craft CMS. Cloudflare Access is a modern, zero trust solution to protect applications or websites. You can use it to protect the control panel of a Craft website, or even the complete website.

This plugin adds automatic logging in to either the control panel, the frontend or both using the identity provided by Cloudflare. Cloudflare Access makes it easy to integrate various identity providers, like Okta, Microsoft Azure AD, Google Workspace or social media accounts like Facebook, GitHub or Google accounts. Cloudflare Access is free up to 50 users. It requires your sites traffic to be proxied through Cloudflare.

How does this work?

Each application protected by Cloudflare access is protected by a Cloudflare login page. This can be set for a full domain or a part of it (e.g. only /admin/).

Cloudflare injects a JWT header which contains a signature, expiry information, and the user's identity. This plugin decodes the JWT, attempts to find a matching user in Craft CMS, and automatically signs in that user when the user is not suspended or deactivated.

This way you enable single sign-on for your users, which reduces friction, relieves them from saving another password, and you increase security when you rely on 2FA from external identity providers.

You may choose to enable this feature for control panel URLs, frontend URLs, or both. This plugin does not create new users if they do not exist in Craft.

Limitations

This plugin has currently the following limitations:

Requirements

This plugin requires Craft CMS 4.3.5 or later, and PHP 8.0.2 or later.

It also requires a Cloudflare Access application to be configured. See below for configuration instructions.

Installation

You can install this plugin from the Plugin Store or with Composer.

From the Plugin Store

Go to the Plugin Store in your project’s Control Panel and search for “Cloudflare Access”. Then press “Install”.

With Composer

Open your terminal and run the following commands:

Configuring Cloudflare Access

  1. Go to the Cloudflare Zero Trust dashboard.
  2. Go to Access → Applications and click Add an application.
  3. Pick Self-hosted.
  4. Enter a name and set the domain, subdomain and optionally the path. If you want to protect the control panel only, enter /admin/.
  5. Application appearance is only relevant for Cloudflare's app launcher.
  6. Select which identity providers you accept. The default is to enable all identity providers. For testing, One-time PIN could be useful (you enter an e-mail address and then have to enter the PIN code sent to it).
  7. Click Next.
  8. You'll now have to create a policy. Enter a name and configure rules below. For testing, you might select Everyone which would allow everyone to log in. Better rules might check for the domain part of an e-mail address, or Azure Group ID's.
  9. Click Next.
  10. The CORS settings, Cookie settings and additional settings can be left unchanged. Click Add application.
  11. In the applications overview, a new application is added. Click Edit.
  12. Click Overview. Copy the Application Audiance (AUD) Tag.
  13. Install the Cloudflare Access plugin to Craft, enable it and go to the plugin settings.
  14. Enter the AUD tag.
  15. You'll also have to enter the Team Domain. You can find this in the Cloudflare control panel under Settings → General. Copy the team domain including the last part containing .cloudflareaccess.com.
  16. In the plugin settings, enable auto login for either the control panel and/or frontend.
  17. Verify that your token is working as expected in Craft through Utilities → Cloudflare Access. It should show your Cloudflare login.

Note: You can logout from Cloudflare Access using the following URL: https://<team>.cloudflareaccess.com/cdn-cgi/access/logout
This can be useful during testing.


All versions of craft-cloudflare-access with dependencies

PHP Build Version
Package Version
Requires php Version >=8.0.2
codercat/jwk-to-pem Version ^1.1
craftcms/cms Version ^4.3.0|^5.0.0
lcobucci/jwt Version ^4.3
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package calips-labs/craft-cloudflare-access contains the following files

Loading the files please wait ....